Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/6B970778927311EE88A08662C4F9AE02.roa
File: 6B970778927311EE88A08662C4F9AE02.roa (raw, json)
Hash identifier: 3bN5E9t+OXhQYj6+snCWTWAH+I5gf9tFlmogT3XW8Jw=
Subject key identifier: 33:7F:2B:AF:69:10:11:96:3A:7B:D6:85:BB:41:9F:E4:D9:FB:C1:D3
Certificate issuer: /CN=A91620E0/serialNumber=74E5BB9B6D3CC7F8C29A83BDC8492B9659F0EE17
Certificate serial: 0BCE
Authority key identifier: 74:E5:BB:9B:6D:3C:C7:F8:C2:9A:83:BD:C8:49:2B:96:59:F0:EE:17
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dOW7m208x_jCmoO9yEkrllnw7hc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/6B970778927311EE88A08662C4F9AE02.roa
Signing time: Mon 04 Dec 2023 07:04:52 +0000
ROA not before: Mon 04 Dec 2023 07:04:52 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 55386
IP address blocks: 47.247.188.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 11 Mar 2024 09:55:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3022 (0xbce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91620E0/serialNumber=74E5BB9B6D3CC7F8C29A83BDC8492B9659F0EE17
Validity
Not Before: Dec 4 07:04:52 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=656d7a14-2215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3d:45:59:40:65:44:b5:16:1a:6b:f8:28:c4:
43:14:80:13:dc:56:a0:e7:1b:36:d9:89:cd:b4:97:
6b:3d:c2:a4:e7:ab:ed:d4:fe:ce:a0:ea:16:bf:d4:
10:f2:29:bb:d3:61:66:cc:d7:fd:a6:cd:c3:7f:5c:
1a:0a:09:df:be:69:4d:4f:74:85:08:2c:2c:cd:a1:
8d:d2:c9:80:d9:8d:a9:6e:c1:d2:24:ec:6d:73:4d:
1d:13:24:83:ea:a2:37:30:63:4f:35:b8:0f:84:ea:
bb:d5:c9:ce:e0:ef:33:5d:1c:ed:b7:e2:94:e0:b1:
56:05:e4:63:d3:3d:5d:93:30:e3:ee:8c:aa:06:fb:
6d:74:96:46:12:c7:21:38:47:00:73:fd:8a:cb:8d:
0f:df:cd:ef:83:e9:8c:06:a8:1f:93:03:dd:b1:5f:
57:51:8c:91:5a:df:a3:ce:d7:ea:2c:87:e9:7c:ba:
3e:d1:08:da:f0:bb:72:50:c8:a6:7a:67:ed:0a:33:
5c:5c:ac:e6:b2:69:41:82:08:3b:16:84:19:d5:93:
5c:85:1a:44:92:94:32:20:72:b6:3c:66:ca:e0:6b:
a5:f0:b4:64:5f:df:72:5e:2c:18:f9:49:94:94:cb:
3b:9f:c2:06:d4:59:c7:da:cf:c6:c4:48:6c:2e:9f:
7a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7F:2B:AF:69:10:11:96:3A:7B:D6:85:BB:41:9F:E4:D9:FB:C1:D3
X509v3 Authority Key Identifier:
keyid:74:E5:BB:9B:6D:3C:C7:F8:C2:9A:83:BD:C8:49:2B:96:59:F0:EE:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dOW7m208x_jCmoO9yEkrllnw7hc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/6B970778927311EE88A08662C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
47.247.188.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:49:99:a7:33:68:fb:51:5a:57:81:f8:f2:94:47:c9:c1:03:
4a:1c:53:00:47:83:4d:54:33:d2:a9:6c:8e:21:d3:fc:0e:ee:
98:5f:6e:da:11:23:2b:17:5d:1c:ff:ab:c9:11:dc:fd:ee:6e:
6d:0f:86:1f:9e:c6:66:ec:8f:0a:31:c8:af:1a:08:a2:b4:68:
27:c0:08:d2:8e:00:76:20:d7:52:88:5b:ac:2d:29:12:bc:3f:
f3:e9:b4:23:ab:b5:f3:a6:af:3f:fe:ca:4a:f6:9b:4e:97:bf:
9b:53:80:18:b2:81:63:93:f8:a3:b2:92:91:01:b8:02:81:61:
13:ec:85:cd:18:1c:66:a7:e3:87:e7:66:9d:2a:7c:dc:da:cc:
6d:b7:43:c5:d1:1f:bc:69:00:ca:50:6e:4b:06:ae:f2:36:9f:
48:22:ef:81:e3:aa:19:10:22:67:af:87:7d:d1:cf:91:31:c6:
08:f7:75:78:c3:bc:1c:88:88:68:46:bc:e0:7b:a3:8d:e1:8e:
a4:89:ee:ec:78:a0:33:3d:68:da:6c:32:4d:fe:d3:c3:8e:60:
81:e2:8e:f2:83:12:be:fe:af:93:b1:56:68:d5:fe:88:eb:b2:
fd:17:63:f2:79:ff:3b:a4:ba:2c:53:67:da:5c:3b:d5:a9:7e:
03:92:97:87
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC84wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIwRTAxMTAvBgNVBAUTKDc0RTVCQjlCNkQzQ0M3RjhDMjlBODNCREM4NDkyQjk2
NTlGMEVFMTcwHhcNMjMxMjA0MDcwNDUyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZkN2ExNC0yMjE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsT1FWUBlRLUWGmv4KMRDFIAT3Fag5xs22YnNtJdrPcKk56vt1P7OoOoWv9QQ
8im702FmzNf9ps3Df1waCgnfvmlNT3SFCCwszaGN0smA2Y2pbsHSJOxtc00dEySD
6qI3MGNPNbgPhOq71cnO4O8zXRztt+KU4LFWBeRj0z1dkzDj7oyqBvttdJZGEsch
OEcAc/2Ky40P383vg+mMBqgfkwPdsV9XUYyRWt+jztfqLIfpfLo+0Qja8LtyUMim
emftCjNcXKzmsmlBggg7FoQZ1ZNchRpEkpQyIHK2PGbK4Gul8LRkX99yXiwY+UmU
lMs7n8IG1FnH2s/GxEhsLp96FwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDN/K69p
EBGWOnvWhbtBn+TZ+8HTMB8GA1UdIwQYMBaAFHTlu5ttPMf4wpqDvchJK5ZZ8O4X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjBFMC9EOTY0QjQ4MjMx
MEUxMUVBOUMzQ0U3MkZDNEY5QUUwMi9kT1c3bTIwOHhfakNtb085eUVrcmxsbnc3
aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2RPVzdtMjA4eF9qQ21vTzl5RWtybGxudzdoYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIwRTAvRDk2NEI0ODIzMTBFMTFFQTlDM0NFNzJGQzRGOUFFMDIvNkI5NzA3Nzg5
MjczMTFFRTg4QTA4NjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIv97wwDQYJKoZIhvcNAQELBQADggEBAHxJmaczaPtRWleB
+PKUR8nBA0ocUwBHg01UM9KpbI4h0/wO7phfbtoRIysXXRz/q8kR3P3ubm0Phh+e
xmbsjwoxyK8aCKK0aCfACNKOAHYg11KIW6wtKRK8P/PptCOrtfOmrz/+ykr2m06X
v5tTgBiygWOT+KOykpEBuAKBYRPshc0YHGan44fnZp0qfNzazG23Q8XRH7xpAMpQ
bksGrvI2n0gi74HjqhkQImevh33Rz5Exxgj3dXjDvByIiGhGvOB7o43hjqSJ7ux4
oDM9aNpsMk3+08OOYIHijvKDEr7+r5OxVmjV/ojrsv0XY/J5/zukuixTZ9pcO9Wp
fgOSl4c=
-----END CERTIFICATE-----
Generated at Mon Mar 11 14:52:24 2024 by rpki-client on console-fra.rpki-client.org